Beware of this new Mac malware targeting your data and devices

In the grand scheme of cyber threats, a new villain has emerged from the shadows, targeting none other than our beloved Mac users. With a penchant for pilfering passwords, greed for grabbing crypto, and a propensity for pocketing personal data, this digital bandit goes by the name “Realst.” Masked behind the guise of counterfeit blockchain games, it poses an ominous threat to your virtual safety.

“Realst” isn’t just your run-of-the-mill malware – oh no – it’s a crafty chameleon in the world of cybercrime, vetting its victims through seemingly innocent game access codes shared over social media or direct messages.

The chameleonic nature of Realst

Imagine a cunning trickster that can wear many masks and change its tactics at a moment’s notice. That’s exactly what the Realst malware is: a shapeshifting entity in the world of cybercrime. As an analysis by the cybersecurity firm SentinelOne reveals, Realst doesn’t have just one form but 16 distinct variants that it uses to carry out its malicious activities.

Unpacking technical terms

To understand this better, let’s unpack a few technical terms. Mach-O, which stands for Mach Object file format, is a file format for executables, object code, shared libraries, and other files used by older versions of Mac OS. In simpler terms, a Mach-O file is a type of file that can perform actions on your computer.

In the case of the Realst malware, when a user attempts to download one of these counterfeit blockchain games, they’re actually downloading these Mach-O files. The deception is twofold – the user receives no game but instead gets a file that can execute malicious actions on their device.
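
An added example, not from the original article or from SentinelOne’s analysis: a short Python check a defender could run on a downloaded file to see whether it is a Mach-O binary and which CPU architectures it carries. The function name and the sample byte strings are assumptions constructed for this illustration.

```python
import struct

# Constants from Apple's <mach-o/loader.h>, <mach-o/fat.h> and <mach/machine.h>.
THIN_MAGICS = {  # first four bytes on disk -> (struct byte order, word size)
    b"\xfe\xed\xfa\xce": (">", 32), b"\xce\xfa\xed\xfe": ("<", 32),
    b"\xfe\xed\xfa\xcf": (">", 64), b"\xcf\xfa\xed\xfe": ("<", 64),
}
FAT_ENTRY_SIZE = {b"\xca\xfe\xba\xbe": 20, b"\xca\xfe\xba\xbf": 32}
CPU_TYPES = {7: "x86", 0x01000007: "x86_64", 12: "arm", 0x0100000C: "arm64"}
FILE_TYPES = {1: "object", 2: "executable", 6: "dylib", 8: "bundle"}


def identify_macho(data: bytes):
    """Describe the Mach-O header in data, or return None if it is not Mach-O."""
    magic = data[:4]
    if magic in THIN_MAGICS and len(data) >= 16:
        order, bits = THIN_MAGICS[magic]
        cputype, _subtype, filetype = struct.unpack_from(order + "III", data, 4)
        return {"kind": "thin", "bits": bits,
                "archs": [CPU_TYPES.get(cputype, hex(cputype))],
                "filetype": FILE_TYPES.get(filetype, str(filetype))}
    if magic in FAT_ENTRY_SIZE and len(data) >= 8:
        (count,) = struct.unpack_from(">I", data, 4)
        step = FAT_ENTRY_SIZE[magic]
        # Java .class files also start with CAFEBABE; there this field is the
        # class-file version (45 or higher), so treat a large count as not Mach-O.
        if not 0 < count < 45 or len(data) < 8 + count * step:
            return None
        cpus = [struct.unpack_from(">I", data, 8 + i * step)[0] for i in range(count)]
        return {"kind": "universal", "archs": [CPU_TYPES.get(c, hex(c)) for c in cpus]}
    return None


# Constructed sample headers for illustration (no real malware bytes).
THIN_ARM64 = struct.pack("<8I", 0xFEEDFACF, 0x0100000C, 0, 2, 0, 0, 0, 0)
UNIVERSAL = (struct.pack(">II", 0xCAFEBABE, 2)
             + struct.pack(">5I", 0x01000007, 3, 16384, 1000, 14)
             + struct.pack(">5I", 0x0100000C, 0, 32768, 1000, 14))
JAVA_CLASS = b"\xca\xfe\xba\xbe" + struct.pack(">HH", 0, 52) + bytes(16)
PNG_IMAGE = b"\x89PNG\r\n\x1a\n" + bytes(16)

if __name__ == "__main__":
    for name in ("THIN_ARM64", "UNIVERSAL", "JAVA_CLASS", "PNG_IMAGE"):
        print(name, identify_macho(globals()[name]))
```

A file that was advertised as a game or document but comes back as an executable Mach-O from a check like this deserves a closer look before anyone opens it.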

Circumventing Apple’s security measures

Now you might think, doesn’t Apple have robust security measures to prevent such incidents? Absolutely, they do. But the perpetrators behind Realst have found a way to circumvent these measures. They use Apple Developer IDs, typically used by legitimate developers to sign their apps, to authenticate these malicious installers. While these IDs have since been revoked, they initially lent an aura of credibility to the malware, enabling it to bypass Apple’s defenses.

Thus, Realst acts as a deceptive digital chameleon, constantly changing its appearance and modus operandi to slip past security measures and wreak havoc on your device.

Realst: the selective browser attacker

Contrary to what you might expect, Realst doesn’t indiscriminately target all browsers. It’s particular about its victims. Firefox, Chrome, Opera, Brave, Vivaldi, and the Telegram app are its chosen ones, leaving Safari in the clear. Whether it’s browser-stored passwords, cookies, or sensitive data, Realst siphons it. Not content with just that, it even breaches Apple’s Keychain, the company’s proprietary password manager. Alarmingly, the masterminds behind Realst are already setting their sights on Macs running macOS 14 Sonoma, even before it hits the market.

Keeping Realst at arm’s length

Wondering how to fortify your digital castle against the stealthy onslaught of Realst? Here’s your action plan:

  • Beware of unknown games: Start by avoiding unknown or suspicious online games, especially those advertised on social media or shared through direct messages.
  • Stick to Apple’s App Store: When downloading new apps or programs for your Mac, stay within the safe confines of Apple’s App Store. It employs stringent security checks to ensure that listed apps are secure.
  • Keep your guard up: Even with Apple’s pre-installed defenses, such as XProtect antivirus software and the Gatekeeper malware scanner, you might want an extra line of defense. Third-party antivirus software, especially products with a solid reputation and frequent updates, can help keep you safe from the latest malware strains.

Realst got real? Here’s your game plan for staying protected

Despite your best efforts, if you find yourself ensnared by Realst, don’t panic. Just follow these steps:

Identify, isolate and remove the threat: If you suspect your Mac has been compromised, the first step is identifying and isolating the problem. Run a full system scan with your security software to identify the malware.

Most antivirus software can effectively quarantine and remove the detected threat. Hackers can be kept out of your devices if you have good antivirus software installed. Having antivirus software on your devices will stop you from clicking on potentially malicious links that may install malware on your devices and allow hackers to gain access to your personal information.

Special for CyberGuy Readers: My #1 pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.

Stay updated: Regularly update your system and antivirus software. This ensures that you’re protected from the latest known threats.

Contact professionals: If the problem persists, contact a professional cybersecurity service. They can help to thoroughly cleanse your system and restore it to safety.

Create alias email addresses: Sometimes, it’s best to create various email aliases so that you don’t have to worry about all your info getting taken in a data breach. An email alias address is also a great way to stop receiving constant spam mail: you simply delete the alias.

Enable two-factor authentication: Enable two-factor authentication whenever possible. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password.

Change all passwords: As Realst is capable of stealing passwords, it’s critical to change all your passwords. Do this from another device to avoid the malware intercepting your new passwords. Also, consider using a password manager to securely store and generate complex passwords. First, it will help you create unique and difficult-to-crack passwords that a hacker could never guess. Second, it keeps track of all your passwords in one place and fills passwords in for you when you’re logging into an account so that you never have to remember them yourself. The fewer passwords you have to remember, the less likely you will be to reuse them for your accounts.

One of the best password managers out there is 1Password. With no known security breaches or vulnerabilities, 1Password is a solid option as a paid password manager. It utilizes a well-designed interface, which features core components that are expected from premium, paid password managers. At the time of publishing, it starts at $2.99 a month, billed annually, for a total of $35.88/year, and you can save more with a family option which includes 5 family members for $60/year.

The digital realm might seem like a game of cat and mouse between cyber criminals and everyday users. Still, with vigilance and the right tools, you can ensure you’re not the mouse.

 

Kurt’s key takeaways

As we navigate the ever-evolving digital landscape, it’s clear the dance between cyber threats and cybersecurity is an endless twirl. With digital shape-shifters like Realst redefining the game, the power lies in staying informed and alert.

How are you bolstering your digital defenses against such evolving cyber threats? Got a handy tip to share? Let us know by commenting below.

21 comments

Jay August 2, 2023 - 7:26 am
I once listened in on a call with a brokerage firm who has an ex-NSA person working for them for security. She said if your child (and it goes for you) are gaming, she guarantees your PC is compromised. Her recommendation is to buy a separate PC for gaming.